AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of 
claims in the application: 

Listing of Claims: 

1-43. (Cancelled) 

44. (previously presented) A method of protecting from modification computer 

apparatus comprising a plurality of functional modules, wherein the 
computer apparatus contains or is in communication with a trusted device 
adapted to respond to a user in a trusted manner, the method comprising: 

storing a module configuration of the computer apparatus providing 
an identification of each functional module in the computer apparatus; 

the trusted device performing a cryptographic identification process 
for modules with a cryptographic identity to identify them and thereby 
determine an actual module configuration; 

the trusted device comparing the actual module configuration 
against the stored module configuration; and 

the trusted device inhibiting function of the computer apparatus 
while the actual module configuration does not satisfactorily match the 
stored module configuration. 

45. (previously presented) A method as claimed in claim 44, wherein the stored 

module configuration is held separately from the computing apparatus. 

46. (previously presented) A method as claimed in claim 44, wherein the stored 

module configuration is stored such that it is accessible only by a 
cryptographic authentication process. 
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47. (previously presented) A method as claimed in claim 44, wlierein the trusted 

device is adapted to communicate securely with the stored module 
configuration. 

48. (previously presented) A method as claimed in claim 47, wherein the stored 

module configuration is stored in a security token. 

49. (previously presented) A method as claimed in claim 48, wherein the security 

token is a smart card. 

50. (previously presented) A method as claimed in claim 44, wherein the step of 

checking of the actual module configuration comprises a cryptographic 
identification process for modules with a cryptographic identity. 

51. (previously presented) A method as claimed in claim 48, wherein a stored 

module configuration is held by a remote module validation authority and 
the remote validation authority provides a service allowing a replacement 
security token to be provided if a security token is lost or stolen. 

52. (previously presented) Computer apparatus adapted for protection against 

modification, the computer apparatus comprising a plurality of functional 
modules, one of said modules being a trusted device adapted to respond 
to a user in a trusted manner, the computer apparatus having a module 
configuration providing an identification of each functional module in the 
computer apparatus, wherein the trusted device is adapted to compare a 
module configuration of the computer apparatus against a stored module 
configuration by performing a cryptographic identification process for 
modules with a cryptographic identity to determine an actual module 
configuration and to compare the actual module configuration against the 
stored module configuration, wherein function of the computer apparatus 
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is inhibited while the actual module configuration does not satisfactorily 
match the stored module configuration. 

53. (previously presented) Computer apparatus as claimed in claim 52, wherein 
the stored module configuration is held separately from the computing 
apparatus and wherein the computer apparatus is adapted to obtain the 
stored module configuration by a cryptographic authentication process. 

54-56. (canceled) 

57. (currently amended) A method of protecting from modification computer 

apparatus comprising a plurality of functional modules by monitoring the 
configuration of functional modules within the computer apparatus, the 
method comprising: 

storing a module configuration of the computer apparatus, the 
module configuration being an identification of each functional module in 
the computer apparatus as validly formed, on a security token removably 
attachable to the computer apparatus; and 

checking an actual module configuration against the stored module 
configuration , and i nhib i t i ng funct i on of th e comput e r apparatus i f th e 
actua l modul o configuration do e s not sat i sfactor il y match th e stor e d 
module conf i guration ; 

wherein the computer apparatus contains or is in communication 
with a trusted device adapted to respond to a user in a trusted manner 
and the trusted device i s adapt e d to p e rform the step of inh i b i t i ng inhibits 
function of the computer apparatus if the actual module configuration does 
not satisfactorily match the stored module configuration. 

58. (previously presented) A method as claimed in claim 57, wherein the stored 

module configuration is stored such that it is accessible only by a 
cryptographic authentication process. 
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59. (previously presented) A method as claimed in claim 58, wherein the trusted 

device is adapted to perform the step of checking the actual module 
configuration against the stored module configuration. 

60. (previously presented) A method as claimed in claim 59, wherein the trusted 

device is adapted to communicate securely with the security token. 

61. (previously presented) A method as claimed in claim 57, wherein the security 

token is a smart card. 

62. (previously presented) A method as claimed in claim 57, wherein the stored 

module configuration is also held by a remote module validation authority. 

63. (previously presented) A method as claimed in claim 62, wherein the step of 

checking the actual module configuration against the stored module 
configuration involves use of the stored module configuration held by the 
remote module validation authority. 

64. (previously presented) A method as claimed in claim 62, wherein the remote 

validation authority provides a service allowing a replacement security 
token to be provided if a security token is lost or stolen. 

65. (previously presented) A method as claimed in claim 44, wherein the trusted 
device is a tamper-resistant or a tamper-detecting device. 

66. (previously presented) Computer apparatus as claimed in claim 52, wherein 
the trusted device is a tamper-resistant or a tamper-detecting device. 

67. (previously presented) A method as claimed in claim 57, wherein the trusted 
device is a tamper-resistant or a tamper-detecting device. 
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